Selinux Project Selinux — known CVE vulnerabilities
Every CVE whose affected-product data names Selinux Project Selinux, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2016-7545 — CVSS 8.8 (high): SELinux policycoreutils allows local users to execute arbitrary commands outside of the sandbox via a crafted TIOCSTI ioctl call.
CVE-2015-3170 — CVSS 5.5 (medium): selinux-policy when sysctl fs.protected_hardlinks are set to 0 allows local users to cause a denial of service (SSH login prevention) by…
CVE-2018-1063 — CVSS 4.4 (medium): Context relabeling of filesystems is vulnerable to symbolic link attack, allowing a local, unprivileged malicious entity to change the…
CVE-2021-36087 — CVSS 3.3 (low): The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly from cil_check_neverallow). This…
CVE-2021-36084 — CVSS 3.3 (low): The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __cil_verify_classpermission and…
CVE-2021-36085 — CVSS 3.3 (low): The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __verify_map_perm_classperms and hashtab_map).
CVE-2021-36086 — CVSS 3.3 (low): The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from cil_reset_classperms_set and…